2 matches found
CVE-2019-20456
CVE-2019-20456 affects Goverlan Reach Console prior to 9.50, Goverlan Reach Server prior to 3.50, and Goverlan Client Agent prior to 9.20.50. The issue is an Untrusted Search Path that enables Command Injection and Local Privilege Escalation via DLL hijacking. Root cause: DLL search order hijack ...
CVE-2022-31215
In Goverlan products, during a Goverlan agent update the Windows Firewall is temporarily disabled, allowing a remote attacker to bypass firewall blocking rules for up to 30 seconds. Affected are Goverlan Reach Console < 10.5.1, Reach Server < 3.70.1, and Reach Client Agents